CVE-2020-15634
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-15634
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers with firmware 1.0.4.84_10.0.58. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to execute code in the context of the web server. Was ZDI-CAN-9755.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用外部控制的格式字符串
Source: NVD (National Vulnerability Database)
Vulnerability Title
NETGEAR R6700 格式化字符串错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
NETGEAR R6700是美国网件(NETGEAR)公司的一款无线路由器。 使用1.0.4.84_10.0.58版本固件的NETGEAR R6700中存在格式化字符串错误漏洞,该漏洞源于在使用用户提交的字符串之前,程序没有正确验证该字符串。攻击者可利用该漏洞在Wen服务器的上下文中执行任意代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2020-15634
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-15634
请登录查看更多情报信息。
- https://www.zerodayinitiative.com/advisories/ZDI-20-935/x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2020-15634
Same Patch Batch · NETGEAR · 2020-08-19 · 3 CVEs total
| CVE-2020-15635 | NETGEAR R6700 缓冲区错误漏洞 | |
| CVE-2020-15636 | 多款NETGEAR产品缓冲区错误漏洞 |
IV. Related Vulnerabilities
Same vendor: NETGEAR
- CVE-2026-24714
NETGEAR PR2000 安全漏洞 - CVE-2026-0404
Insufficient input validation in NETGEAR Orbi routers - CVE-2026-0408
Path traversal vulnerability in Netgear WiFi Range Extenders - CVE-2026-0407
Authentication bypass in NETGEAR WiFi Range Extenders via ne - CVE-2026-0406
Insufficient input validation in NETGEAR Nighthawk router XR
Same weakness: CWE-134
- CVE-2026-44407
Remote Denial of Service Vulnerability Exists in ZTE Cloud P - CVE-2026-6539
Notepad++ 8.9.3 Format String Injection via nativeLang.xml - CVE-2026-6843
Nano: nano: format string vulnerability leads to denial of s - CVE-2026-3509
CODESYS Control Audit Log Format String DoS - CVE-2026-33210
Ruby JSON has a format string injection vulnerability
V. Comments for CVE-2020-15634
No comments yet